I wrote this for myself because I have 100+ "private" repos over 10 groups with 25+ users. I want most of my users to access most of my repositories, so I'd rather start with a mass grant, and then manually pare down access as necessary. I don't want to achieve access using the "internal" visibility setting, because I will inevitably have to add an account for an external vendor or consultant at some point. The current two ways for me to achieve this are:

rake gitlab:import:all_users_to_all_projects - which is madness to maintain with that many repos and users. And frankly, when it comes to access control in general, I think it's smarter to encourage grants at the group level instead of at the entity level.

Manually add all the users to the groups, which still adds up to 250 manual actions to make.

As for the "owner" flag given to admins, I did just confirm global admins can still manage group members (except for their own) even if their group-level access is only 'developer', so I'm open to whatever access level makes the most sense, but adding them as owners is not giving them any added permission they wouldn't otherwise have.